The cost of computer viruses is rocketing in Vietnam, thanks largely to ransomware and malware (“phần mềm độc hại”) that’s being spread by state-sponsored threat groups.

Users and businesses in the Southeast Asian country lost $900 million during 2019, according to Bkav Technology Group, a Hanoi-based provider of information security products and services.

In its 2018 retrospective of cybersecurity in Vietnam, Bkav projects this number as much higher than the $640 million it reported lost throughout the nation in the year before.

However, the number of infected machines in 2019 rose by just 3.5%, Bkav said, showing just how much the cost of each incident is rising.

More than half of computers in Vietnam (58%) carry some sort of malware, with most infected by software downloaded from the internet. The number of infected computers in 2019 totaled 85.2 million, Bkav said.

In one piece of good news, virus infection via USB devices fell sharply, down by 22% from 2018, but still amounting to an overall rate of 55%. Email-borne viruses were up by 4%, the report said.

Another major risk, Bkav said, is that 41% of computers in Vietnam still contain the SMB vulnerabilities that were exploited in 2017 by the WannaCry virus.

APT malware has also continued to cause problems in the country, with 420,000 computers infected with W32.Fileless.

This fileless malware, according to Bkav’s vice president of anti-malware, Vu Ngoc Son, leaves no signs of its presence.

“W32.Fileless hides in the system configuration parameters such as Registry, WMI, or Task Schedule,” Son said in the Bkav report.

“They attackers sabotage by using standard system processes to run special scripts. This malware spreads via USB or through operating system vulnerabilities.”

In its predictions for 2020, Bkav said it expects to see APT to become more sophisticated.

“Fileless will be the main trend, along with malware that counterfeits standard software and programs through DLL Side-Loading to bypass antivirus software,” the company added.

At the beginning of last year, a new cybersecurity law came into force in Vietnam that, said the government, would protect user data through localization.

However, the law is primarily concerned with removing ‘incorrect’ content and has widely been seen as a tool of control.

The Daily Swig has approached Bkav for further comment.

Par Emma Woollacott - PortSwigger - 22 January 2020